Quantcast

Maximum PC

It is currently Sat Aug 30, 2014 9:35 am

All times are UTC - 8 hours




Post new topic Reply to topic  [ 19 posts ] 
Author Message
 Post subject: Interfacing with Running Programs
PostPosted: Tue Jul 21, 2009 8:17 pm 
Northwood
Northwood
User avatar

Joined: Sun Jul 15, 2007 6:37 pm
Posts: 2261
Location: No. 1 Thread Killer
This is going to be a personal project.

I want to create a small program that gets the kills from a certain (unsupported) computer game we call Halo and log them in a text file.

With Java. (Native Access) This is going to take a long time because i'm still comparably new to this whole thing, however I have hope.


Top
  Profile  
 
 Post subject:
PostPosted: Wed Jul 22, 2009 3:36 am 
SON OF A GUN
SON OF A GUN
User avatar

Joined: Mon Nov 01, 2004 5:41 am
Posts: 11605
Oh man... good luck with that one?

The first thought I had for getting that information is watching the memory and trying to find what location it stores the kill count in (although this will change frequently).


Top
  Profile  
 
 Post subject:
PostPosted: Wed Jul 22, 2009 9:41 am 
Northwood
Northwood
User avatar

Joined: Sun Jul 15, 2007 6:37 pm
Posts: 2261
Location: No. 1 Thread Killer
CrashTECH wrote:
Oh man... good luck with that one?

The first thought I had for getting that information is watching the memory and trying to find what location it stores the kill count in (although this will change frequently).


Somebody made a heatmap generator for the game so I'm guessing it's possible with C#/C++; I want to do a proof of concept for Java though.

And, by the way, I was thinking that too.


Top
  Profile  
 
 Post subject:
PostPosted: Wed Jul 22, 2009 9:45 am 
SON OF A GUN
SON OF A GUN
User avatar

Joined: Mon Nov 01, 2004 5:41 am
Posts: 11605
Link to the heat map stuff?

There might be some stuff in there you can use.


Top
  Profile  
 
 Post subject:
PostPosted: Wed Jul 22, 2009 7:47 pm 
Northwood
Northwood
User avatar

Joined: Sun Jul 15, 2007 6:37 pm
Posts: 2261
Location: No. 1 Thread Killer
CrashTECH wrote:
Link to the heat map stuff?

There might be some stuff in there you can use.


I have the coder on xFire so I could ask him for it but here's the actual program:

http://www.intergalactic-morons.fumbari ... 0v1.00.zip


Top
  Profile  
 
 Post subject:
PostPosted: Wed Jul 22, 2009 8:45 pm 
Northwood
Northwood
User avatar

Joined: Sun Jul 15, 2007 6:37 pm
Posts: 2261
Location: No. 1 Thread Killer
Actually I think I might use C++, for pointers instead.


Top
  Profile  
 
 Post subject:
PostPosted: Thu Jul 23, 2009 3:13 am 
SON OF A GUN
SON OF A GUN
User avatar

Joined: Mon Nov 01, 2004 5:41 am
Posts: 11605
probably a good idea.


Top
  Profile  
 
 Post subject:
PostPosted: Mon Jul 27, 2009 8:10 pm 
Team Member Top 100
Team Member Top 100

Joined: Fri Sep 17, 2004 5:35 pm
Posts: 1176
I made something to do exactly that a while ago. The source code is freely available somewhere (I think I posted it on Halomods). I made a few classes for it in C++.

If you're looking to do this on your own for your own benefit, you'll want to look into ReadProcessMemory() and WriteProcessMemory().

EDIT: Here are the classes. God my C++ skills sucked back in 2004. As CrashTECH pointed out, the locations are liable to change from version to version, but IIRC the locations I chose are never deleted and reallocated. You can be sure they are valid once you've found the correct offset. The offset has likely changed since I wrote this. You should use a memory searching tool (TSearch works very well) to find the initial offset, upon which all others are based.

Sorry for the length.
Player.h:
Code:
/*
Player.h

Contains a class that provides functions for reading in and retrieving player information
in Halo.

Copyright 2004 Kybo Ren
*/
#include <windows.h>
#include <string>
#include <algorithm>
#include <cmath>
#include <cstring>

/*
#ifdef _DEBUG
#define CRTDBG_MAP_ALLOC
#include <stdlib.h>
#include <crtdbg.h>
#endif
//this is a class I have to detect memory leaks for me -- don't worry about it
*/

#define MAX_INSTANCES 12
#define MAX_NAMELENGTH 24

#define PC_DS 1
#define PC_GM 2
#define CE_DS 3
#define CE_GM 4//pc and ce ingame and DS servers

#define PC_DS_CLASS 0x4029CF64
#define PC_DS_SCORE 0x63A090

#define CE_GM_CLASS 0x402AB07A
#define CE_GM_SCORE 0x64C280

#define PC_GM_CLASS 0x0
#define PC_GM_SCORE 0x0//PC ingame is obviously not supported right now.

int my_itoa(const int number, char *data);//base can only be 10, and ASSUMES the data buffer supplied is big enough to hold the number

class Player
{
   int player_score;
   short player_deaths;
   short player_assists;
   short player_kills;
   short player_betrayals;
   short player_suicides;
   char player_team;
   char player_ingame;
   std::string player_name;
   std::string player_ipadd;
   std::string player_cdkey;
   //end of player data
   //start of class data
   int SIZE;//offset between players
   int ASSISTS;//offset of assists from kills
   int DEATHS;//offset of deaths from kills (beginning of player info structure)
   int SUICIDES;//offset of suicides from kills
   int TKS;//offset of TKs for each player from kills
   int NAMES;//offset of name from player's kills.
   int TEAMS;//IMPORTANT: this is the offset of player teams from player 1 kills! this is an array of characters! ***NOT PART OF THE STRUCTURE***
   int PLAYERIN;//IMPORTANT: this is the offset of player teams from player 1 score! this is an array of separate structures! ***NOT PART OF THE PLAYER INFO STRUCTURE**
   int PLAYERSZ;//Size of the abovementioned structure
   //start of individual class data
   unsigned int player_class_location;
   unsigned int player_score_location;
   unsigned int player_number;

   unsigned long process_PID;
   HANDLE hProc;//the handle to the process

public:
   
   Player();
   Player(const unsigned long &PID, const unsigned int &type, const unsigned int &player_number);
   ~Player();
   int Score();
   short Deaths();
   short Kills();
   short Betrayals();
   short Assists();
   short Suicides();
   char Team();
   char In_game();
   const char *Name();
   int Refresh();
   int Refresh_Score();
   int Refresh_Kills();
   int Refresh_Assists();
   int Refresh_Deaths();
   int Refresh_Suicides();
   int Refresh_Betrayals();
   int Refresh_Team();
   int Refresh_In_Game();
   int Refresh_Name();
   //end of player info
   //start of class info
   void Set_PID(const unsigned long &PID);
   void Set_Location(const unsigned long &class_location, const unsigned long &score_location, const unsigned long &ipadd_location);
   void Set_Player_Number(const unsigned int &player_num);
   void Set_Size(const unsigned long &size);
   void Set_Type(const unsigned long &type);
   bool Handle_Is_Null();
   unsigned int Open_Halo();
};//our player class

Player::Player()
{
   SIZE    = 0x200;
   ASSISTS = 0x8;
   DEATHS  = 0x12;
   SUICIDES= 0x14;
   TKS     = 0x44;
   NAMES   = -0x54;
   TEAMS   = -0x7C;
   PLAYERIN= -0x890;
   PLAYERSZ= 0x30;

   player_score = 0;
   player_deaths = 0;
   player_kills = 0;
   player_betrayals = 0;
   player_team = 0;
   player_ingame = 0;
   player_name = "<NULL>";

   player_class_location = 0;
   player_score_location = 0;
   player_ipadd_location = 0;
   player_number = 0;
   process_PID = 0;
}

Player::Player(const unsigned long& PID, const unsigned int &type, const unsigned int &player_num)
{
   switch(type)
   {
   case PC_DS:
      player_class_location = PC_DS_CLASS;
      player_score_location = PC_DS_SCORE;
      break;
   case CE_GM:
      player_class_location = CE_GM_CLASS;
      player_score_location = CE_GM_SCORE;
      break;
   case PC_GM:
      player_class_location = PC_GM_CLASS;
      player_score_location = PC_GM_SCORE;
      break;
   default:
      break;
   }

   if( (player_num <= 16) && (player_num >= 1) )//if valid range
   {
      player_number = player_num;
   }

   process_PID = PID;//assign PID

   SIZE    = 0x200;
   ASSISTS = 0x8;
   DEATHS  = 0x12;
   SUICIDES= 0x14;
   TKS     = 0x44;
   NAMES   = -0x54;
   TEAMS   = -0x7C;
   PLAYERIN= -0x890;
   PLAYERSZ= 0x30;

   player_score = 0;
   player_deaths = 0;
   player_kills = 0;
   player_team = 0;
   player_ingame = 0;
   player_name = "<NULL>";

   hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);//attempt to open the process
   if(hProc == NULL)
   {      
      hProc = NULL;//assign a NULL value
   }//we failed.  Oh. Noes.  We'll try again when refreshing

}

Player::~Player()
{
   CloseHandle(hProc);//close our handle
}

int Player::Score()
{
   return player_score;
}

short Player::Deaths()
{
   return player_deaths;
}

short Player::Suicides()
{
   return player_suicides;
}

short Player::Kills()
{
   return player_kills;
}

short Player::Betrayals()
{
   return player_betrayals;
}

short Player::Assists()
{
   return player_assists;
}

char Player::Team()
{
   return player_team;
}

char Player::In_game()
{
   return player_ingame;
}

const char * Player::Name()
{
   return player_name.c_str();
}

int Player::Refresh()
{   
   int result = 1;// we start with one so we can mutiply
   char name[13];//temp buffer for name
   ipaddr_union address;//for the IP address
   
   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more then fail
   }
   
    result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_score_location) + ((player_number-1)*4)        + 0      ), (void*)&player_score    , 4, 0);//read scores
   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     + 0      ), (void*)&player_kills    , 2, 0);//read kills
   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     + DEATHS ), (void*)&player_deaths   , 2, 0);//read deaths
   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     +SUICIDES), (void*)&player_suicides , 2, 0);//read suicides
   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     + ASSISTS), (void*)&player_assists  , 2, 0);//read assists
   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     + TKS    ), (void*)&player_betrayals, 2, 0);//read TKs
   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_score_location) + ((player_number-1)*PLAYERSZ)+ PLAYERIN), (void*)&player_ingame   , 1, 0);//read ingame
   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     + TEAMS  ), (void*)&player_team     , 1, 0);//read team
   for(unsigned int name_index = 0; name_index < MAX_NAMELENGTH; name_index += 2)
   {
      result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE) + NAMES + name_index), (void*)&name[(name_index / 2)], 1, 0);//read name
   }
   name[12] = '\0';//nullify the name
   player_name = name;//the name is what we just read   

   return result;
}

int Player::Refresh_Score()
{
   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more then fail
      
   }//if hProc still is messed   
   int result = 1;

   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_score_location) + ((player_number-1)*4)        + 0      ), (void*)&player_score    , 4, 0);//read scores
   
   return result;
}

int Player::Refresh_Kills()
{
   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more then fail
      
   }//if hProc still is messed   
   int result = 1;

   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     + 0      ), (void*)&player_kills    , 2, 0);//read kills
   
   return result;
}

int Player::Refresh_Betrayals()
{
   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more then fail
   }//if hProc still is messed   
   int result = 1;

   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     + TKS    ), (void*)&player_betrayals, 2, 0);//read TKs
   
   return result;
}

int Player::Refresh_Assists()
{
   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more then fail

   }//if hProc still is messed   
   int result = 1;

   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     + ASSISTS), (void*)&player_assists  , 2, 0);//read assists
   
   return result;
}

int Player::Refresh_Deaths()
{
   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more then fail
      
   }//if hProc still is messed   
   int result = 1;

   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     + DEATHS ), (void*)&player_deaths   , 2, 0);//read deaths
   
   return result;
}


int Player::Refresh_Suicides()
{
   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more then fail
      
   }//if hProc still is messed   
   int result = 1;

   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     +SUICIDES), (void*)&player_suicides , 2, 0);//read suicides
   return result;
}


int Player::Refresh_Team()
{
   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more then fail
   }//if hProc still is messed   
   int result = 1;

   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE)     + TEAMS  ), (void*)&player_team     , 1, 0);//read team
   
   return result;
}

int Player::Refresh_In_Game()
{
   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more then fail

   }//if hProc still is messed   
   int result = 1;

   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_score_location) + ((player_number-1)*PLAYERSZ) + PLAYERIN     ), (void*)&player_ingame   , 1, 0);//read ingame
   
   return result;
}

int Player::Refresh_Name()
{
   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more then fail
   }//if hProc still is messed   
   int result = 1;
   char name[13];

   for(unsigned int name_index = 0; name_index < MAX_NAMELENGTH; name_index += 2)
   {
      result *= ReadProcessMemory(hProc, reinterpret_cast<void*>((player_class_location) + ((player_number-1)*SIZE) + NAMES + name_index), (void*)&name[(name_index / 2)], 1, 0);//read name
   }
   name[12] = '\0';//nullify the name
   player_name = name;//the name is what we just read

   return result;
}

void Player::Set_PID(const unsigned long &PID)
{
   process_PID=PID;
}

void Player::Set_Location(const unsigned long &class_location, const unsigned long &score_location, const unsigned long &ipadd_location)
{
   player_class_location = class_location;
   player_score_location = score_location;
   player_ipadd_location = ipadd_location;
}

void Player::Set_Player_Number(const unsigned int &player_num)
{
   player_number = player_num;
}

void Player::Set_Size(const unsigned long &size)
{
   SIZE = size;
}

void Player::Set_Type(const unsigned long &type)
{
   switch(type)
   {
   case PC_DS:
      player_class_location = PC_DS_CLASS;
      player_score_location = PC_DS_SCORE;
      break;
   case CE_GM:
      player_class_location = CE_GM_CLASS;
      player_score_location = CE_GM_SCORE;
      break;
   case PC_GM:
      player_class_location = PC_GM_CLASS;
      player_score_location = PC_GM_SCORE;
      break;
   default:
      break;
   }
}
bool Player::Handle_Is_Null()
{
   return (hProc == NULL);
}

unsigned int Player::Open_Halo()
{
   hProc = OpenProcess(PROCESS_VM_READ, FALSE, process_PID);
   return (hProc != NULL);//return 1 for success
}

int my_itoa(const int number, char *data)
{
   std::string buf;
   std::string buffer;
   int num = std::abs(number);
   const unsigned int numdigits = (log((float)num) / log(10.0f)) + 1;
   unsigned int dig_buf;
   
   for(int i = 1; i <= numdigits; ++i)
   {
      dig_buf = static_cast<int>(std::pow(10.0f, i-1));

      buffer = (num % static_cast<int>(std::pow(10.0f, i))) / dig_buf + '0';
      buf += buffer;
   }

   if(number < 0)
   {
      buf += '-';
   }

   std::reverse(buf.begin(), buf.end());

   std::strcpy(data, buf.c_str());

   return (buf.size() > 0);
   
};


Server.h:
Code:
/*
Server.h

Provides a class interface to be used between your application and Halo.

Copyright 2004 Kybo Ren
*/
#include <vector>
#include "Player.h"

#define MAX_PLAYERS 16

#define ERROR 0
#define PC_DS 1
#define PC_GM 2
#define CE_DS 3
#define CE_GM 4//pc and ce ingame and DS servers

#define PC_DS_GAMETYPE 0x6712D8 //1 = CTF, 2 = Slayer, 3 = Oddball, 4 = KOTH, 5 = Race
#define CE_GM_GAMETYPE 0x0
#define PC_GM_GAMETYPE 0x0//obviously these aren't implemented#nwe

const int CTF     = 1;
const int SLAYER  = 2;
const int ODDBALL = 3;
const int KOTH    = 4;
const int RACE    = 5;//gametypes
const char gametypes[5][15] = {"CTF","Slayer","Oddball","KOTH","Race"};//gametype strings


class Server
{
   unsigned long server_PID;//the PID of the server
   unsigned long server_isEnabled;//is it enabled?  did the user check off this box?
   unsigned long server_Number;//i.e. 1 for "Halo Console (1)", 2 for "Halo Console (2)"
   unsigned long server_Type;//type of server, i.e. Halo PC DS, Halo CE game
   unsigned long server_Gametype;//gametype on server
   unsigned long server_gametype_loc;//location of gametype on server proc
   HANDLE hProc;//handle to the process
   HANDLE server_thread;//handle to the thread for this process

public:
   Server();//default constructor
   ~Server();//destructor
   std::vector<Player*> Players;//vector of POINTERS to Player objects
   ConsoleLogger Console;//for logging the console data if it is a DS
   const char *Gametype();//returns gametype string of current gametype on server
   const unsigned long PID();
   HANDLE Thread();//returns a handle to the current thread
   const unsigned long isEnabled();
   const unsigned long Number();
   const unsigned long Type();//echoes the variables above
   const int Refresh(void);//refresh all
   const int Set_PID(const unsigned long PID);
   const int Set_Thread(HANDLE hThread);
   const int Set_Enabled(const unsigned long isEnabled);
   const int Set_Number(const unsigned long Number);//sets the variables above
   const int Set_Type(const unsigned int Type);//set type
   const int Set_All(const unsigned long PID, HANDLE hThread, const unsigned long isEnabled, const unsigned long Number, const unsigned long Type);

};

Server::Server()
{
   server_PID = 0;
   server_thread = 0;
   server_isEnabled = 0;
   server_Number = 0;
   server_Type = 0;
   server_thread = 0;//0 the values


   for(unsigned int i=0; i < MAX_PLAYERS; ++i)
   {
      Players.push_back(new Player(server_PID, server_Type, (i+1)));//insert a new player
   }

}

const int Server::Set_All(const unsigned long PID, HANDLE hThread, const unsigned long isEnabled, const unsigned long Number, const unsigned long Type)
{
   server_PID = PID;
   server_thread = hThread;
   server_isEnabled = isEnabled;
   server_Number = Number;
   server_Type = Type;

   switch(Type)
   {
      case PC_DS:
         server_gametype_loc = PC_DS_GAMETYPE;
         break;
      case CE_GM:
         server_gametype_loc = CE_GM_GAMETYPE;
         break;
      case PC_GM:
         server_gametype_loc = PC_GM_GAMETYPE;
         break;

      default:
         server_gametype_loc = PC_DS_GAMETYPE;//weird type, assume PC dedicated server
         break;
   }

   return 0;
}

Server::~Server()
{
   for(unsigned int i=0; i < MAX_PLAYERS; ++i)
   {
      delete Players[i];//delete memory
   }

   CloseHandle(hProc);//close the handle to the proc
   CloseHandle(server_thread);//close the thread handle
}

const unsigned long Server::PID()
{
   return server_PID;
}

HANDLE Server::Thread()
{
   return server_thread;
}

const unsigned long Server::isEnabled()
{
   return server_isEnabled;
}

const unsigned long Server::Number()
{
   return server_Number;
}

const unsigned long Server::Type()
{
   return server_Type;
}

const int Server::Refresh()
{
   int result = 1;

   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, server_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more, then fail
      
   }//if hProc still is messed   

   for(unsigned int i = 0; i < MAX_PLAYERS; ++i)
   {
      if(Players[i]->Handle_Is_Null())//null handle
      {
         Players[i]->Open_Halo();//try to open the process
      }

      result *= Players[i]->Refresh();
   }
   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>(server_gametype_loc), (void*)&server_Gametype, 1, 0);//read gametype

   return result;
}


const int Server::Set_PID(const unsigned long PID)
{
   server_PID = PID;

   for(unsigned int i=0; i < MAX_PLAYERS; ++i)
   {
      Players[i]->Set_PID(PID);
   }

   return 0;
}

const int Server::Set_Thread(HANDLE hThread)
{
   if(hThread = NULL)
   {
      return 1;
   }

   server_thread = hThread;

   return 0;
}

const int Server::Set_Enabled(const unsigned long isEnabled)
{
   server_isEnabled = isEnabled;
   
   return 0;
}

const int Server::Set_Number(const unsigned long Number)
{
   server_Number = Number;

   return 0;
}
const int Server::Set_Type(const unsigned int Type)
{
   server_Type = Type;

   
   for(unsigned int i = 0; i < MAX_PLAYERS; ++i)
   {
      Players[i]->Set_Type(Type);
   }//set the type

   return Type;
}

const char *Server::Gametype()
{
   if(hProc == NULL)
   {   
      hProc = OpenProcess(PROCESS_VM_READ, FALSE, server_PID);
      
      if(hProc == NULL)
      {
         MessageBox(0, "Couldn't open the Halo process for reading.  \nIf you are sure Halo is running and you have access, send an email to Kybo Ren at:\nkyboren@gmail.com", "Warning", MB_OK | MB_ICONWARNING);
         return 0;//0 is fail
      }//we try once more, then fail
      
   }//if hProc still is messed   
   int result = 1;

   result *= ReadProcessMemory(hProc, reinterpret_cast<void*>(server_gametype_loc), (void*)&server_Gametype, 1, 0);//read gametype

   return gametypes[server_Gametype];
}


No guarantees on anything, but it did work when I wrote it. Even if you want to do this as a personal project, this could be a helpful reference. Good luck.


Top
  Profile  
 
 Post subject:
PostPosted: Tue Jul 28, 2009 3:13 am 
SON OF A GUN
SON OF A GUN
User avatar

Joined: Mon Nov 01, 2004 5:41 am
Posts: 11605
That is pretty awesome! I am definitely interested in it myself. This could be adapted to COD etc etc.

Thanks for sharing!


Top
  Profile  
 
 Post subject:
PostPosted: Fri Jul 31, 2009 9:43 am 
Northwood
Northwood
User avatar

Joined: Sun Jul 15, 2007 6:37 pm
Posts: 2261
Location: No. 1 Thread Killer
here is something that i've worked on with a person. It latches onto HaloCE, activates devmode, and then flickers wireframe.

It's rather simple but the parts I did was what made it pulse in and out of wireframe . He did the injecting of the .dll that was created.


Top
  Profile  
 
 Post subject:
PostPosted: Sat Aug 01, 2009 3:02 pm 
Team Member Top 100
Team Member Top 100

Joined: Fri Sep 17, 2004 5:35 pm
Posts: 1176
Yep, that's the idea. I assume you're writing to some internal buffer directly?

BTW, there is a better way of doing the wireframe hack, namely by exploiting the Windows DLL search path and sticking a custom DLL with the same name and interface as the DirectX DLL in the same folder as the Halo EXE.


Top
  Profile  
 
 Post subject:
PostPosted: Sat Aug 01, 2009 5:05 pm 
Northwood
Northwood
User avatar

Joined: Sun Jul 15, 2007 6:37 pm
Posts: 2261
Location: No. 1 Thread Killer
Kybo_Ren wrote:
Yep, that's the idea. I assume you're writing to some internal buffer directly?

BTW, there is a better way of doing the wireframe hack, namely by exploiting the Windows DLL search path and sticking a custom DLL with the same name and interface as the DirectX DLL in the same folder as the Halo EXE.


You might be interested in this then. He basically created his own d3d9.dll and opensourced it.

If you can show me how to use that to put my file into Halo it would be awesome. (It's VC++ 2005 though :/ )


Top
  Profile  
 
 Post subject:
PostPosted: Tue Aug 04, 2009 12:12 am 
Team Member Top 100
Team Member Top 100

Joined: Fri Sep 17, 2004 5:35 pm
Posts: 1176
Hehe, Kornman's a smarty. He's been in the Halo PC modding community almost as long as Monoxide. I didn't get a chance to read everything in-depth, but it looks like he's expanded this idea and taken it to a whole new level. You can mod most of the important parts of the game in-memory through a custom DirectX DLL exploiting the same search path issue I talked about earlier. Very cool.

Anyway, I think you're getting confused with what this is doing. It is not loading any file into Halo (well, it is mapping the custom DLL into Halo's memory space [if you open up Memory/MemoryInterface.cpp, see how he can use a regular memcpy() for WriteMemory(), instead of WriteProcessMemory()? That's because we're in the same process], but I don't think that's what you meant). What exactly are you trying to do?

BTW, this will work fine with VC++ 2008 Express Edition. It's free. So is the DirectX SDK (you'll need that, too).


Top
  Profile  
 
 Post subject:
PostPosted: Tue Aug 04, 2009 5:56 am 
Northwood
Northwood
User avatar

Joined: Sun Jul 15, 2007 6:37 pm
Posts: 2261
Location: No. 1 Thread Killer
Yeh Korn's pretty smart. Thing is, I don't know how to use Open sauce when I download it and look at the source. I don't know if I need to use addresses and pointers to change what I want or what. If you compile Open Sauce completely then it comes out as d3d9.dll and you replace the original d3d9.dll with it. (Korn's VC++ Express 2005 won't convert to VC++ Express 2008 :/ )

The thing I do is kinda simple. It's a modified Strings.dll that links to another DLL (IGLDLL, not included with halo) that adds any items in the custom ig\ce folder. Then my .dll that does the wireframe swapping in and out (Using codecaves) forces dev mode on and off. Korn himself if you read far enough, told me that there was a more efficient way to do this.

------------------------- [Remember, i'm a newb at Hex, Addressing etc]

On with another project that's part of Halo CE modding:

First of all, let me explain what i'm doing: I want to get the text I type and when I press Enter, it replaces my text with Unicode Characters that look cool yet you can still read the message.

(Using OllyDebug) Okay so i've got this address - 004ADDF0. It has something to do with text. So I add a breakpoint, and I found about two lines that show my text. Now what? Do i copy the assember at those lines?


Top
  Profile  
 
 Post subject:
PostPosted: Tue Aug 04, 2009 5:51 pm 
Northwood
Northwood
User avatar

Joined: Sun Jul 15, 2007 6:37 pm
Posts: 2261
Location: No. 1 Thread Killer
I learned that in Addressing each Line of Assembler's size is = NextAddress - FirstAddress

Code:
unsigned char text[];

void textReplacer()
{



}

__declspec(naked) void getReplaceText(void)
{
   __asm
   {
   pop retnAddr
   
   MOV text, EAX
   
   pushfd
   pushad
   }


textReplacer();

   __asm
      {   
         popfd
         popad
         ADD ESP, 8
         MOV esi, text
         PUSH EDI
         push retnAddr   
         ret
      }
}


Top
  Profile  
 
 Post subject:
PostPosted: Sat Sep 19, 2009 5:16 am 
Northwood
Northwood
User avatar

Joined: Sun Jul 15, 2007 6:37 pm
Posts: 2261
Location: No. 1 Thread Killer
k so I finished that code guys. For any of those interested:

[code]
using namespace std;

DWORD _RETN_;

wchar_t * text;


void textReplacer(wchar_t* text)
{
while(*text != 0x0000)
{
if(*text == L'a')
*text = L'ä'; //\x4B
else if(*text == L'b')
*text = L'в';
else if(*text == L'c')
*text = L'Ä


Top
  Profile  
 
 Post subject: QUADRUPLE POST
PostPosted: Sat Sep 26, 2009 10:49 am 
Northwood
Northwood
User avatar

Joined: Sun Jul 15, 2007 6:37 pm
Posts: 2261
Location: No. 1 Thread Killer
Okay so I tried to get the program that is above, integrated into Open Sauce:

get it here

And idk what i'm doing wrong.

1>TextReplacer.cpp
1>.\TextReplacer.cpp(1) : warning C4627: '#include "CodeCave.cpp"': skipped when looking for precompiled header use
1> Add directive to 'Common\Precompile.hpp' or rebuild precompiled header
1>.\TextReplacer.cpp(101) : error C3861: 'Codecave': identifier not found

Both CodeCave and TextReplacer are in the "Game" folders of the Project. There are a few other things like moving the #includes to the precompile header etc, but that's not the problem.


Top
  Profile  
 
 Post subject:
PostPosted: Mon Sep 28, 2009 3:26 pm 
Million Club - 5 Plus*
Million Club - 5 Plus*
User avatar

Joined: Sun Sep 12, 2004 6:37 pm
Posts: 4745
Location: In the monkey's litterbox
C++ is case sensitive, so Codecave != CodeCave


Top
  Profile  
 
 Post subject:
PostPosted: Wed Nov 11, 2009 10:35 am 
Northwood
Northwood
User avatar

Joined: Sun Jul 15, 2007 6:37 pm
Posts: 2261
Location: No. 1 Thread Killer
Okay so I know this is old but it's still on the first page.

I have created some code which modifies a byte in the program's memory, which compiles into a .dll and works via winjecting the .dll into the process.

Now, i want to expand my horizons and make it a separate app that waits for the haloce process. My problem is that I'm not sure where to look.


Top
  Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 19 posts ] 

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group